The world of electronic commerce has created new challenges to establishing relationships between contracting parties. One of those challenges springs from the fact that the parties to the transaction cannot see or hear each other, and cannot otherwise easily confirm each other's identity and authority to act.
One remedy for this problem is to provide each contracting party with a private key for signing transmitted messages. The signing party makes available an associated public key that decrypts messages signed with the party's private key, and thus enables a receiving party to confirm the identity of the sender.
But the sender's public key may not be known a priori to the recipient. In that event, the sender may transmit with its signed message a digital certificate issued by a certification authority. The certificate is itself a signed electronic document (signed with the private key of the certification authority) certifying that a particular public key is the public key of the sender.
In some cases, the recipient may be unfamiliar with the public key of the certification authority or may not know whether the certificate is still valid. In that event, the recipient may wish to check the validity of the certificate with an entity that it trusts. In addition, the recipient may wish to obtain a financial guarantee to protect itself against damage that it may suffer from reliance on an invalid certificate.